Reports
Cyber security in local government
What this report is about
NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.
Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.
The audit assessed how effectively three selected councils identified and managed cyber security risks.
The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.
Audit findings
The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.
Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.
Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.
Audit recommendations
In summary, the councils should:
- integrate assessment and monitoring of cyber security risks into corporate governance processes
- self-assess their performance against Cyber Security NSW's guidelines for local government
- develop and implement a risk-based cyber security improvement plan and program of activities
- develop, implement and test a cyber incident response plan.
Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.
While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.
Read the PDF report
Parliamentary reference - Report number #392- released 26 March 2024
Local Government 2023
What this report is about
Results of the local government sector financial statement audits for the year ended 30 June 2023.
Findings
Unqualified audit opinions were issued for 85 councils, eight county councils and 12 joint organisations.
Qualified audit opinions were issued for 36 councils due to non-recognition of rural firefighting equipment vested under section 119(2) of the Rural Fires Act 1997.
The audits of seven councils, one county council and one joint organisation remain in progress at the date of this report due to significant accounting issues.
Fifty councils, county councils and joint organisations missed the statutory deadline of submitting their financial statements to the Office of Local Government, within the Department of Planning, Housing and Infrastructure, by 31 October.
Audit management letters included 1,131 findings with 40% being repeat findings and 91 findings being high-risk. Governance, asset management and information technology continue to represent 65% of the key areas for improvement.
Fifty councils do not have basic governance and internal controls to manage cyber security.
Recommendations
To improve quality and timeliness of financial reporting, councils should:
- adopt early financial reporting procedures, including asset valuations
- ensure integrity and completeness of asset source records
- perform procedures to confirm completeness, accuracy and condition of vested rural firefighting equipment.
To improve internal controls, councils should:
- track progress of implementing audit recommendations, and prioritise high-risk repeat issues
- continue to focus on cyber security governance and controls.
Read the PDF report
Regulation insights
What this report is about
In this report, we present findings and recommendations relevant to regulation from selected reports between 2018 and 2024.
This analysis includes performance audits, compliance audits and the outcomes of financial audits.
Effective regulation is necessary to ensure compliance with the law as well as to promote positive social and economic outcomes and minimise risks with certain activities.
The report is a resource for public sector leaders. It provides insights into the challenges and opportunities for more effective regulation.
Audit findings
The analysis of findings and recommendations is structured around four key themes related to effective regulation:
- governance and accountability
- processes and procedures
- data and information management
- support and guidance.
The report draws from this analysis to present insights for agencies to promote effective regulation. It also includes relevant examples from recent audit reports.
In this report, we also draw out insights for agencies that provide a public sector stewardship role.
The report highlights the need for agencies to communicate a clear regulatory approach. It also emphasises the need to have a consistent regulatory approach, supported by robust information about risks and accompanied with timely and proportionate responses.
The report highlights the need to provide relevant support to regulated parties to facilitate compliance and the importance of transparency through reporting of meaningful regulatory information.
Read the PDF report
State Finances 2023
What this report is about
Results of the audit of the Consolidated State Financial Statements of the New South Wales General Government Sector (GGS) and Total State Sector (TSS) for the year ended 30 June 2023.
Findings
The audit opinion on the 2022–23 Consolidated State Financial Statements was qualified in relation to two issues and included an emphasis of matter.
The first qualification matter is a continuation of the prior year limitation of scope on the audit relating to the Catholic Metropolitan Cemeteries Trust (CMCT), a controlled state entity, who continued to deny access to its management, books and records for the purposes of a financial audit. As a result, the Audit Office was unable to obtain sufficient appropriate audit evidence to support the assets, liabilities, income and expenses relating to CMCT recorded in the TSS and the equity investment recognised in the GGS relating to the net assets of CMCT.
The second qualification matter relates to the limitations on the accuracy and reliability of financial information relating to Statutory Land Managers (SLMs) and Common Trust entities (CTs) controlled by the State and were either exempted from requirements to prepare financial reports, or who were required to submit financial reports and have not done so. The Audit Office was unable to obtain sufficient appropriate audit evidence to determine the impact on the value of non-land assets and liabilities, income and expenses that should be recognised in the 2022–23 Consolidated State Financial Statements and which have not been recorded in the Consolidated State Financial Statements.
The independent audit opinion also includes an emphasis of matter drawing attention to key decisions made by the NSW Government regarding the future of the Transport Asset Holding Entity of New South Wales (TAHE).
Recommendations
The report includes recommendations for NSW Treasury to address several high-risk findings, including:
- ensuring accurate and reliable financial information is available to recognise the non-land balances of SLMs and CTs
- ensuring the CMCT, SLMs and CTs meet their statutory reporting obligations
- conducting a broader review of the financial reporting exemption framework
- continued monitoring of TAHE's control over its assets
- providing timely guidance to the sector relating to legislative or policy changes that impact financial reporting
- developing an accounting policy for the reimbursement of unsuccessful tender bid cost contributions.
Read the PDF report
Internal controls and governance 2023
What this report is about
This report analyses the internal controls and governance of the 25 largest agencies in the NSW public sector, excluding state owned corporations and public financial corporations, for the year ended 30 June 2023.
Findings
Internal control trends
The proportion of control deficiencies identified as high-risk this year decreased to 4.5% (8.2% in 2022).
Repeat findings of control deficiencies represent 38% of all findings (48% in 2022).
Information technology
Over half of the agencies reviewed have deficiencies in managing user access to their information systems. Over a third of agencies had deficiencies in their controls over privileged user accounts within their information technology environments.
Cyber security
Over 80% of assessments for maturity levels against the NSW Cyber Security Policy have reported one or more self-assessed Mandatory Requirements are not practiced on a consistent and regular basis.
Essential Eight cyber controls have not improved, and they need to.
Governance framework
Deficiencies were noted in agencies' governance and risk management frameworks, namely: outdated risk management policies, lack of risk appetite statements, and internal audit functions not being externally evaluated.
Payroll and work health and safety (WHS)
Overtime expenses increased by 40% between 2020 and 2023, compared to salaries and wages which increased by 16% over the same period.
Five agencies have WHS policies that do not reflect current WHS regulations.
Recommendations
Several important recommendations were made for agencies to prioritise efforts to improve cyber security controls and cyber resilience measures.
It was also recommended that agencies periodically review their risk management maturity and implement action plans, and ensure their WHS policies and procedures reflect current legislation requirements including the need to manage psychosocial risks.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations
- support ethical government.
This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies found across agencies.
For consistency and comparability, we have adjusted the 2022 results to incorporate additional audit findings that were reported after the date of the Internal controls and governance 2022 report. Therefore, the 2022 figures will not necessarily align with those reported in our 2022 report.
Section highlights
- The Audit Office identified 12 high-risk findings, compared to 23 last year, with eight repeated from last year. Eleven of the high-risk findings related to financial controls while one related to other (governance) controls.
- The proportion of repeat deficiencies has decreased from 48% in 2021–22 to 38% in 2022–23.
This chapter outlines our audit observations, conclusions and recommendations arising from our review of agency controls to manage key financial systems.
Section highlights
- Over half of the agencies reviewed have deficiencies in managing user access.
- Thirty-six per cent of agencies had deficiencies in their controls over privileged accounts.
- Weaknesses were identified in how agencies manage service providers or other organisations which have access to their systems and data.
- Inadequate records were kept to demonstrate approvals for key system implementation milestones, including successful data migration testing and approval for go-live.
- Thirty-two per cent of agencies had not implemented segregations of duties over key payroll functions.
This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' cyber security.
Section highlights
- Eighty-three per cent of maturity assessments have reported one or more Mandatory Requirements below level three, which is the level at which the requirement is self-assessed and considered to be practiced on a consistent and regular basis.
- Essential Eight maturity levels have remained unchanged or have declined, and may not be suitable for the level of risk agencies face.
- All 25 agencies reviewed have a cyber incident response plan and all but two newly created agencies tested their plan.
- Systems to detect cyber incidents across agencies could improve.
- There is a risk of under reporting cyber incidents at six agencies that kept insufficient records to support their cyber incident classifications.
- Overall, agencies need to increase their focus and prioritise efforts to ensure effective cyber security and resilience measures are in place.
Governance in the context of the NSW public service refers to the structures, processes, and mechanisms by which government departments and agencies are held to account when they make decisions and implement policies and programs in the service of the public interest. It also includes the principles and practices that guide how these agencies work together.
This chapter outlines our audit observations, conclusions and recommendations from our review of agencies' governance frameworks and practices, with consideration of NSW Treasury issued policies and best practices. It focuses on two key areas: governance arrangements and risk management.
Section highlights
- Whilst agencies have generally adopted governance and risk management frameworks that align with Treasury issued policies and best practices, we noted deficiencies, including:
- 20% of governing boards operated without a board charter
- 16% of agencies had risk management policies that were beyond their scheduled review date
- 16% of agencies did not have a risk appetite statement
- 28% of agency internal audit functions have not been externally evaluated in the last five years.
- Agencies should perform periodic assessments/reviews of their risk maturity and implement action plans where required.
This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' payroll controls and management of work health and safety (WHS).
Section highlights
- Agencies should improve their controls around payroll masterfile maintenance, such as enforcing segregation of duties in system access levels and ensuring changes to data are reviewed by an independent officer.
- On average, overtime expenses represented three per cent of total salaries and wages in 2023 and have increased by 40.2% since 2020, compared to salaries and wages which increased by 16.3% over the same period.
- Five agencies have outdated WHS policies, which do not reflect changes to WHS regulations. Sixteen per cent of agencies have not included psychosocial hazards in their WHS procedures or risk assessment process.
Health 2023
What this report is about
Results of the Health portfolio of agencies' financial statement audits for the year ended 30 June 2023.
The audit found
Unmodified audit opinions were issued for all Health portfolio agencies' financial statements.
The number of monetary misstatements increased in 2022–23, driven by key accounting issues, including the first-time recognition of paid parental leave and plant and equipment fair value adjustments.
The key audit issues were
NSW Health identified errors regarding the recognition and calculation of long service leave entitlements for employees with ten or more years of service that had periods of part time service in the first ten years, resulting in prior period restatements.
Comprehensive revaluation of buildings at the Graythwaite Charitable Trust found errors in the previous year's valuation, resulting in prior period restatements.
New parental leave legislation increased employee liabilities for portfolio agencies. The Ministry of Health corrected the consolidated financial statements to record parental leave liabilities for all agencies within the Health portfolio.
A repeat high-risk issue relates to processing time records by administrators that have not been reviewed prior to running the pay cycle.
Thirty per cent of reported issues were repeat issues.
The audit recommended
Portfolio agencies should ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards.
Portfolio agencies should address deficiencies that resulted in qualified reports on:
- the design and operation of shared service controls
- prudential non-compliance at residential aged care facilities.
This report provides Parliament and other users of the Health portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Health portfolio of agencies (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued for all portfolio agencies required to prepare general purpose financial statements.
- The total number of errors (including corrected and uncorrected) in the financial statements increased compared to the prior year.
- The Ministry of Health retrospectively corrected an $18.9 million adjustment in its financial statements relating to long service leave entitlements for certain employees.
- Graythwaite Charitable Trust retrospectively corrected a $4.2 million adjustment in its financial statements related to prior period valuations.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines observations and insights from our financial statement audits of agencies in the Health portfolio.
Section highlights
- The 2022–23 audits identified one high-risk and 57 moderate risk issues across the portfolio.
- The high-risk matter related to the forced-finalisation of time records.
- The total number of findings increased from 67 to 111 in 2022–23.
- Thirty per cent of the issues were repeat issues. Most repeat issues related to internal control deficiencies or non-compliance with key legislation and/or central agency policies.
- Forced-finalisation of time records, accounting for the new paid parental leave provision and user access review deficiencies were the most commonly reported issues.
- Qualified Assurance Practitioner's reports were issued on:
- the design and operation of controls as documented by HealthShare NSW
- the Ministry's Annual Prudential Compliance Statements in relation to residential aged care facilities.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Transport 2023
What this report is about
Result of the Transport portfolio of agencies' financial statement audits for the year ended 30 June 2023.
The audit found
Unqualified audit opinions were issued for all Transport portfolio agencies.
An 'emphasis of matter' paragraph was included in the Transport Asset Holding Entity of New South Wales' (TAHE) independent auditor's report, which draws attention to management's disclosure regarding proposed changes to TAHE's operating model.
Government's decision to convert TAHE into a non-commercial Public Non-Financial Corporation may impact the future valuation and the control of TAHE's assets.
Transport for NSW's valuation of roads and bridges resulted in a net increase to its asset value by $15.7 billion.
Transport for NSW and Sydney Metro have capitalised over $300 million of tender bid costs paid to unsuccessful tender bidders relating to significant infrastructure projects. Whilst NSW Treasury policy provides clarity on the reimbursement of unsuccessful bidders' costs, clearer guidance on how to account for these costs in agency's financial statements is required.
The key audit issues were
The number of issues reported to management decreased from 53 in 2021–22 to 49 in 2022–23.
High-risk findings include:
- gaps in how Sydney Metro manages its contractors and how conflicts of interest are recorded and managed
- future financial reporting implications to account for government's proposed changes to TAHE's future operating model, including asset valuations and control assessments of assets and operations
- Parramatta Park Trust's tree assets' valuation methodology needs to be addressed.
Recommendations were made to address the identified deficiencies.
This report provides Parliament and other users of the Transport portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Transport portfolio of agencies (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued on all the portfolio agencies’ 30 June 2023 financial statements.
- An 'Emphasis of Matter' paragraph was included in the Transport Asset Holding Entity of New South Wales’ (TAHE) Independent Auditor's Report to draw attention to management's disclosure regarding the proposed changes to TAHE's future operating model.
- The total number of errors (including corrected and uncorrected) in the financial statements increased by 59% compared to the prior year.
- The recent government's decision to convert TAHE into a non-commercial Public Non-Financial Corporation may impact the future valuation and the control of TAHE’s assets.
- Transport for NSW needs to further improve its quality assurance processes over comprehensive valuations, in particular, ensuring key inputs used in the valuations are properly supported and verified.
- Transport for NSW and Sydney Metro capitalised over $300 million of bid costs paid to unsuccessful bidders. NSW Treasury’s Bid Cost Contributions Policy does not contemplate how these costs should be recognised in agency’s financial statements. Transport agencies should work with NSW Treasury to develop an accounting policy for the bid cost contributions to ensure consistent application across the sector.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Transport portfolio.
Section highlights
- The 2022–23 audits identified four high risks and 28 moderate risk issues across the portfolio. Thirty-nine per cent of issues were repeat findings.
- Four high risk findings include:
- TAHE’s asset valuations (new)
- TAHE’s control of assets and operations (new)
- Sydney Metro’s management of contractors and conflicts of interest (new)
- Parramatta Park Trust’s valuation of trees (repeat).
- The total number of findings decreased from 53 in 2021–22 to 49 in 2022–23. Many repeat findings related to control weaknesses over the asset valuation, payroll processes, conflicts of interest and information technology user access administration.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Planning and Environment 2023
What this report is about
Results of the Planning and Environment portfolio financial statement audits for the year ended 30 June 2023.
The audit found
Unqualified audit opinions were issued for all completed Planning and Environment portfolio agencies. Seven audits are ongoing.
The Catholic Metropolitan Cemeteries Trust (CMCT) did not comply with its obligations under the Government Sector Finance Act 2018 (GSF Act) to prepare and submit financial statements for audit.
The Department of Planning and Environment (the department) has not yet provided their assessment of the financial reporting requirements for the 579 Category 2 Statutory Land Managers (SLMs) for 2022–23.
One-hundred-and-nineteen Commons Trusts are non-compliant with the GSF Act as they have not submitted their financial statements for audit.
We issued unqualified opinions on the Water Administration Ministerial Corporation's 2020–21, 2021–22 and 2022–23 financial statements.
The number of monetary misstatements identified in our audits decreased from 59 in 2021–22 to 51 in 2022–23, however the gross value of misstatements increased.
The key audit issues were
The former Resilience NSW and NSW Reconstruction Authority (the Authority) re-assessed the accounting implications arising from contractual agreements relating to temporary housing assets associated with the Northern Rivers Temporary Homes Program. This resulted in adjustments to recognise the associated assets and liabilities.
We continue to identify significant deficiencies in NSW Crown land information records.
The department has not been effective in addressing the differing practices for the financial reporting of rural firefighting equipment vested to councils under section 119 (2) of the Rural Fires Act 1997.
The number of findings across the portfolio reported to management increased from 132 in 2021–22 to 140 in 2022–23. Thirty per cent of issues were repeated from the prior year.
Seven high-risk issues were identified. These related to the findings outlined above, deficiencies in quality reviews of asset valuations, internal control processes and IT general controls.
The audit recommended
Recommendations were made to the department and portfolio agencies to address these deficiencies.
This report provides Parliament and other users of the Planning and Environment portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
-
financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Planning and Environment portfolio of agencies (the portfolio) for 2023.
Section highlights
-
Unqualified audit opinions were issued on all completed 30 June 2023 financial statements audits of portfolio agencies. Seven audits are ongoing.
-
We have been unable to commence audits of the Catholic Metropolitan Cemeteries Trust (CMCT). NSW Treasury's position remains that the Catholic CMCT is a controlled entity of the State for financial reporting purposes. This means CMCT is a Government Sector Finance (GSF) agency and is obliged under Section 7.6 of the Government Sector Finance Act 2018 (GSF Act) to prepare financial statements and submit them to the Auditor-General for audit. To date, CMCT has not met its statutory obligations under the GSF Act.
-
The Department of Planning and Environment has not yet provided their assessment against the reporting exemption requirements in the Government Sector Finance Regulation 2018 (GSF Regulation) for the estimated 579 Category 2 Statutory Land Managers (SLMs) or 119 Commons Trusts for 2022–23 and no Category 2 SLM or Commons Trust has submitted its 2022–23
financial statements for audit. Consequently, the lack of compliance with reporting requirements by these 698 agencies presents a challenge to obtaining reliable financial data for these agencies for the purposes of consolidation to the Total State Sector Accounts.
-
The audits of the Water Administration Ministerial Corporation's (WAMC) financial statements for the years ended 30 June 2021 and 30 June 2022 were completed in June 2023 and unqualified audit opinions issued. The 30 June 2023 audit was completed and an unqualified audit opinion was issued on 12 October 2023.
-
The number of reported corrected misstatements decreased from 46 in 2021–22 to 36, however the gross value of misstatements increased from $73 million in 2021–22 to $491.8 million in 2022–23.
-
Portfolio agencies met the statutory deadline for submitting their 2022–23 early close financial statements and other mandatory procedures.
-
A change to the NSW paid parental leave scheme, effective October 2023, created a new legal obligation that needed to be recognised by impacted government agencies. Impact to the agencies' financial statements were not material.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the portfolio.
Section highlights
-
The number of findings across the portfolio reported to management increased from 132 in 2021–22 to 140 in 2022–23 and 30% were repeat issues (34% in 2021–22).
-
The 2022–23 audits identified seven high-risk and 76 moderate risk issues across the portfolio. Four of the high-risk issues were repeat issues, one was a repeat issue with the risk rating reassessed to high-risk in the current year and two were new findings in 2022–23.
-
The former Resilience NSW and NSW Reconstruction Authority had previously assessed that they did not control the temporary housing assets associated with the administration of the Northern Rivers Temporary Homes Program, under relevant accounting standards. A re-assessment of the agreements was made subsequent to the submission of the Authority’s 2022–23 financial statements for audit, which determined that the Authority was the appropriate NSW Government agency to recognise these assets and associated liabilities not previously recognised by the Authority or the former Resilience NSW.
-
There continues to be significant deficiencies in Crown land records. The department should continue to implement their data strategy and action plan to ensure the Crown land database is complete and accurate.
-
Since 2017, the Audit Office has recommended that the department, through OLG should address the differing practices for the financial reporting of rural firefighting equipment vested to councils under section 119 (2) of the Rural Fires Act 1997. The department has not been effective in resolving this issue. In 2023, twenty-six of 108 completed audits of councils received qualified audit opinions on their 2023 financial statements (43 of 146 completed audits in 2022). Six councils had their qualifications for not recognising vested rural firefighting equipment removed in 2022–23.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Members' additional entitlements 2023
What this report is about
This report assesses compliance of claims made by members of the NSW Parliament during the 2022–23 financial year with certain requirements outlined in the Parliamentary Remuneration Tribunal’s Determination (the determination).
What we found
The audit selected a sample of members’ claims. The audit does not test every claim made by members. The audit identified 33 departures from the determination. In addition, we identified seven instances where members did not submit their annual loyalty scheme declarations by the date specified in the Department of Parliamentary Services’ (the department) administrative requirements.
What we recommended
The Parliamentary Remuneration Tribunal should provide greater clarity on current processes and implications of departures from the guidelines to members. The department should work with members to provide them additional training or education to better help them comply with the determination.
The department should continue to work with presiding officers, members, the clerk of the Parliaments and the clerk of the Legislative Assembly to enhance reporting of members’ expenditure.
The Auditor-General has reviewed the compliance of the members of the NSW Parliament (members) with certain requirements outlined in the Parliamentary Remuneration Tribunal’s Determination (the determination) for the year ended 30 June 2023.
The Auditor-General’s review analyses claims made by members during the 2022–23 financial year. We use data analytics to select a sample of members’ claims and focus on claims that our data analysis identifies as being at higher risk. We do not test every claim made by members. Our sample consisted of 70 claims submitted by 64 of 135 Members.
Results
Our audit procedures identified 33 departures from the determination. In addition, we identified seven instances where members did not submit their annual loyalty scheme declarations by the date specified in Department of Parliamentary Services’ (the department) administrative requirements.
Such departures have been consistently identified in the past years and indicate greater clarity is needed in the current processes and where training or education for members is required. These departures were as follows:
- 22 members did not submit their claims for payment within 60 days of receipt of invoice or incurring the expense (2022: 12 members’ claims)
- 4 members submitted their Sydney Allowance reconciliations after the due date (2022: six members’ reconciliations)
- 2 members had claimed for publications under the Communications Allowance but not made the required authorisations and attributions upon publication (2022: four member’s publications)
- 1 member made a claim for a Communication Allowance during the blackout period
- 4 members did not submit their annual loyalty/ incentive scheme declarations (2022: two members)
- 7 members submitted their annual loyalty/ incentive scheme declarations after the date specified in the department’s administrative requirements (2022: 16 declarations).
Background
The Parliamentary Remuneration Tribunal (the tribunal) determines the salary and additional entitlements of the members, details of which are set out in the tribunal’s annual determination. The NSW Parliament, through the department, administers payments of additional entitlements to members. An overview is presented below:
Twenty-two members did not submit their claims for payment within 60 days of receipt of invoice or incurring the expense
The determination requires members to submit expense claims to the department within 60 days of receipt of invoice or incurring the expense. Our audit procedures identified 22 instances where members submitted their claims between three and 284 days late. This includes 18 members who currently sit in the Legislative Assembly or Council.
Four members submitted their Sydney Allowance reconciliations after the due date
At the start of each financial year, a member can choose to receive the Sydney Allowance as either an annual fixed amount paid monthly with their salary, or at a daily rate for each required overnight stay. Members who choose to receive an annual fixed amount must submit reconciliations twice a year to the department and return any excess of the allowance over actual expenses incurred by 30 September each year. Three members were late filing their mid-year reconciliations and one member was late filing their annual reconciliation (includes three sitting members). None of the members who filed late reconciliations needed to refund any unspent portion of their allowance to the department.
Greater clarity in current processes and training or education to members is required to address departures from the determination
There is an increase in the number of departures from the determination reported in our Auditor-General’s Report to Parliament on members’ additional entitlements since 2021–22. There is a need for greater clarity in current processes and guidance including increased training or education to help support members comply with the determination. We recommend the tribunal provides greater clarity on current processes and implications of departures from the guidelines to members. We recommend the department works with members to provide them additional training or education to better help them comply with the determination.
Open prior period recommendations
Enhanced public reporting
In 2016, the Auditor-General’s Report to Parliament recommended the tribunal consider requiring the department to regularly publish full details of members’ expenditure claims on its website in an accessible and searchable format. The tribunal had developed a plan requiring greater public reporting of members’ additional expenditure from 1 July 2019 but it does not have the power to require the department to facilitate this. This matter has been raised every year since 2016 and it continues to remain an open recommendation in 2023.
The Annual Reports of the Legislative Assembly and the Legislative Council, published on the Parliament’s website, currently list the total amount claimed during the year by each member for each allowance. However, transparency around members’ claims would be enhanced if information was more extensively and regularly published on the Parliament’s website. The department should continue to work with the presiding officers, members, the clerk of the Parliaments and the clerk of the Legislative Assembly to enhance reporting of members’ expenditure.
Appendix one – Response from Department of Parliamentary Services
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Regional NSW 2023
What this report is about
Results of the Regional NSW financial statements audits for the year ended 30 June 2023.
What we found
Unqualified audit opinions were issued on all completed audits in the Regional NSW portfolio agencies.
The number of monetary misstatements identified in our audits increased from 28 in 2021–22 to 30 in 2022–23.
What the key issues were
Effective 1 July 2023, staff employed in the Northern Rivers Reconstruction Corporation Division of the Department of Regional NSW transferred to the NSW Reconstruction Authority Staff Agency.
The Regional NSW portfolio agencies were migrated into a new government wide enterprise resourcing planning system.
The total number of audit management letter findings across the portfolio of agencies decreased from 36 to 23.
A high risk matter was raised for the NSW Food Authority to improve the internal controls in the information technology environment including monitoring and managing privilege user access.
What we recommended
Local Land Services should prioritise completing all mandatory early close procedures.
Portfolio agencies should:
- ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards
- prioritise and address internal control deficiencies identified in audit management letters.
This report provides Parliament and other users of the Regional NSW portfolio of agencies financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Regional NSW portfolio of agencies (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued on all completed 30 June 2023 financial statements audits of the portfolio agencies. Two audits are ongoing.
- The total number of errors (including corrected and uncorrected) in the financial statements increased compared to the prior year.
- Portfolio agencies met the statutory deadline for submitting their 2022–23 early close financial statements and other mandatory procedures.
- Portfolio agencies continue to provide financial assistance to communities affected by natural disasters.
- A change to the NSW paid parental leave scheme, effective October 2023, created a new legal obligation that needed to be recognised by impacted government agencies. Impact to the agencies' financial statements were not material.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Regional NSW portfolio.
Section highlights
- The 2022–23 audits identified one high risk and nine moderate risk issues across the portfolio. Of these, one was a moderate risk repeat issue.
- The total number of findings decreased from 36 to 23 which mainly related to deficiencies in internal controls.
- The high risk matter relates to the monitoring and managing of privilege user access at NSW Food Authority.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
